Techniques for authentication and authorization of a user, an application, or a user device for access to web resources are described. For example, a machine identifies an access request to access a remote resource associated with a web service. The access request may be received from an application executing at a user device. The machine retrieves at least one user artifact from a security manager identifier received from the web service. The machine performs fingerprinting of the user device based on the at least one user artifact. The machine transmits the access request to the web service based on the performing of the fingerprinting of the user device. The machine, in response to the transmitting of the access request to the web service, receives a resource access authorization from the web service for the application executing at the user device.
Legal claims defining the scope of protection, as filed with the USPTO.
1. A system comprising: one or more hardware processors; and a non-transitory machine-readable medium for storing instructions that, when executed by the one or more hardware processors, cause the one or more hardware processors to perform operations comprising: identifying an access request for an application to access a remote resource associated with a web service; automatically retrieving at least one user artifact from a security manager identifier (SMID), the SMID including a quick response (QR) code that represents one or more artifacts previously provided by a user; automatically performing fingerprinting of the user device based on matching the at least one user artifact and a stored artifact; transmitting the access request based on the performing of the fingerprinting of the user device; and in response to the transmitting of the access request, receiving a resource access authorization for the application.
2. The system of claim 1 , wherein the at least one user artifact comprises at least one of an image, color, or phrase selected by the user; and wherein the at least one user artifact is previously registered at the web service in relation with the user.
3. The system of claim 1 , wherein the QR code is generated during a registration process associated with a user device security manager.
4. The system of claim 1 , wherein the operations further comprise: receiving the SMID using at least one of QR code submission, redirection, push notification, manual entry, or an email communication.
5. The system of claim 1 , wherein the operations further comprise: transmitting the SMID to verify the user device in response to the identifying of the access request.
6. The system of claim 1 , wherein the operations further comprise: signaling a display associated with the user device to present at least one portion of the at least one user artifact based on receiving an indication that the user device is verified by the web service.
7. The system of claim 1 , wherein the at least one user artifact is to be eliminated from the web service after the user device has been verified by the web service.
8. The system of claim 1 , wherein the operations further comprise: preventing the user device from prompting the user with one or more user authentication pages based on identifying a valid user token associated with the user from the SMID.
9. A method comprising: identifying an access request for an application to access a remote resource associated with a web service; automatically retrieving at least one user artifact from a security manager identifier (SMID), the SMID including a quick response (QR) code that represents one or more artifacts previously provided by a user; automatically performing fingerprinting of the user device based on matching the at east one user artifact and a stored artifact; transmitting the access request based on the performing of the fingerprinting of the user device; and in response to the transmitting of the access request, receiving a resource access authorization for the application.
10. The method of claim 9 , wherein the at least one user artifact comprises at least one of an image, color, or phrase selected by the user, and wherein the at least one user artifact is previously registered at the web service in relation with the user.
11. The method of claim 9 , wherein the QR code, is generated during a registration process associated with a user device security manager.
12. The method of claim 9 , further comprising: receiving the SMID using at least one of QR code submission, redirection, push notification, manual entry or an email communication.
13. The method of claim 9 , further comprising: transmitting the SMID to verify the user device in response to the identifying of the access request.
14. The method of claim 9 , further comprising: signaling a display associated with the user device to present at least one portion of the at least one user artifact based on receiving an indication that the user device is verified by the web service.
15. The method of claim 9 , wherein the at least one user artifact is to be eliminated from the web service after the user device has been verified by the web service.
16. The method of claim 9 , further comprising: preventing the user device from prompting the user with one or more user authentication pages based on identifying a valid user token associated with the user from the SMID.
17. A non-transitory machine-readable storage medium storing instructions that, when executed by one or more hardware processors, cause the one or more hardware processors to perform operations comprising: identifying an access request for an application to access a remote resource associated with a web service; automatically retrieving at least one user artifact from a security manager identifier (SMID), the SMID including a quick response (QR) code that represents one or more artifacts previously provided by a user; automatically performing fingerprinting of the user device based on matching the at least one user artifact and a stored artifact; transmitting the access request based on the performing of the fingerprinting of the user device; and in response to the transmitting of the access request, receiving a resource access authorization for the application.
18. The non-transitory machine-readable storage medium of claim 17 , wherein the operations further comprise: receiving the SMID using at least one of QR code submission, redirection, push notification, manual entry or an email communication.
19. The non-transitory machine-readable storage medium of claim 17 , wherein the operations further comprise: transmitting the SMID to verify the user device in response to the identifying of the access request.
20. The non-transitory machine-readable storage medium of claim 17 , wherein the operations further comprise: signaling a display associated with the user device to present at least one portion of the at least one user artifact based on receiving an indication that the user device is verified by the web service.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
November 24, 2015
August 25, 2020
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.